Hi Daniel, I have omitted to say that i had done (yesterday) some tests with a simple SNMPv3 configuration on MRTG.
I'm working on cisco and before testing MRTG-SNMPv3 i have validated the SNMPv3 confugaration with Net-SNMP. My SNMPV3 parameters on the router are corrects for NoAuthNoPriv,AuthNoPriv,AuthPriv. Note that i have tested with only NoAuthNoPriv and in the example i have respected the syntax of the MRTG Reference Documentation. I've also tested other configurations without success. Here are the configurations: ====================== BEGIN OF RESULT ================================ ################################################### snmp-server user adm-mrtg mrtg1 v3 snmp-server group mrtg1 v3 noauth snmp-server group mrtg2 v3 auth snmp-server group mrtg3 v3 priv ################################################### Router1#sh snmp user User name: adm-mrtg Engine ID: XXXX storage-type: nonvolatile active User name: adm-mrtg2 Engine ID: XXXX storage-type: nonvolatile active User name: adm-mrtg3 Engine ID: XXXX storage-type: nonvolatile active Router1#sh snmp group groupname: mrtg1 security model:v3 noauth readview :v1default writeview: <no writeview specified> notifyview: <no notifyview specified> row status: active groupname: mrtg2 security model:v3 auth readview :v1default writeview: <no writeview specified> notifyview: <no notifyview specified> row status: active groupname: mrtg3 security model:v3 priv readview :v1default writeview: <no writeview specified> notifyview: <no notifyview specified> row status: active ############################################################################ # MRTG Configuration: ------------------ #Globbal Config Options # for UNIX # WorkDir: /home/http/mrtg Workdir: /home/mrtg/preprod/data ### Global Defaults XSize[_]: 500 YSize[_]: 250 # to get bits instead of bytes and graphs growing to the right Language: french Options[_]: growright, pngdate, printrouter, unknaszero EnableSnmpV3: yes ###################################################################### Target[Router1_FastEthernet0_0]: 1:192.168.108.210:::::3 SnmpOptions[Router1_FastEthernet0_0]: username=>'adm-mrtg' SetEnv[Router1_FastEthernet0_0]: MRTG_INT_IP="192.168.108.210" MRTG_INT_DESCR="FastEthernet0/0" MaxBytes[Router1_FastEthernet0_0]: 12500000 blablabla .... ##################################################################### Net-Snmp results : ----------------- snmpget -u adm-mrtg 192.168.108.210 1.3.6.1.2.1.1.3.0 SNMPv2-MIB::sysUpTime.0 = Timeticks: (6647915) 18:27:59.15 #################################################################### MRTG Logfile : -------------- 2006-01-13 10:25:01 -- Started mrtg with config '/home/mrtg/preprod/conf/test.cfg' 2006-01-13 10:25:01 -- ERROR: Target[router1_fastethernet0_0][_IN_] '1:192.168.108.210:::::3' (warn): Bareword "::::" refers to nonexistent package at (eval 8) line 1. 2006-01-13 10:25:01 -- ERROR: Target[router1_fastethernet0_0][_OUT_] '1:192.168.108.210:::::3' (warn): Bareword "::::" refers to nonexistent package at (eval 9) line 1. =========END OF RESULTS ========================================================= I don't know where is(are) the problem(s) ... "my poor configuration" or ... Regards, -----Message d'origine----- De : Daniel J McDonald [mailto:[EMAIL PROTECTED] Envoyé : jeudi 12 janvier 2006 17:19 À : mrtg Objet : [mrtg] Re: MRTG and SNMPV3 On Thu, 2006-01-12 at 16:50 +0100, LE SAOUT Yann NEURONES wrote: > Hi, > > I'm trying to monitor a cisco router with Snmpv3 > protocol but i don't know how to use Net::SNMP like it's notified in the > reference documentation . > "mrtg-reference - MRTG 2.13.0rc4 configuration reference" > EnableSnmpV3 > When set to yes, uses the Net::SNMP module instead of the SNMP_SESSION > module for generating snmp queries. This allows the use of SNMPv3 if other > snmpv3 parameters are set. > SNMPv3 is disabled by default. > Example: > EnableSnmpV3: yes" > > Any idea ??? You need to specify all of the snmp v3 parameters on a target. For example: Target[fiskville-net.austin-energy.net.cpu1]: cpmCPUTotal5secRev.1&cpmCPUTotal1minRev.1:[EMAIL PROTECTED] .net::2:1:1:3 SnmpOptions[fiskville-net.austin-energy.net.cpu1]: authkey=>'0x5[omitted]',authprotocol=>'sha',privprotocol=>'des',username=>'p ublic',privkey=>'0x7[omitted]' On the Target[] statement, the snmp version must be set to "3" the SnmpOptions[] statement should have a hash of snmp v3 parameters. The number of parameters depends on how you set up your group/user. For example, this user was set up something like: snmp-server group mygroup v3 priv snmp-server user public mygroup v3 auth sha [omitted] priv des [omitted] access 79 I could have specified the authpassword and privpassword fields, along with the engineid, instead of using the hashed authkey and privkey statements. Since I wrote the original docs, please critique the discussion on SnmpOptions in the manual and offer suggestions. I spent a long time developing the solution, and know it a little too well to write good docs, as I don't know what the average person doesn't know.... -- Daniel J McDonald, CCIE # 2495, CNX, CISSP # 78281 Austin Energy [EMAIL PROTECTED] gpg Key: http://austinnetworkdesign.com/pgp.key Key fingerprint = B527 F53D 0C8C D38B DCC7 901D 2F19 A13A 22E8 A76A -- Unsubscribe mailto:[EMAIL PROTECTED] Archive http://lists.ee.ethz.ch/mrtg FAQ http://faq.mrtg.org Homepage http://www.mrtg.org WebAdmin http://lists.ee.ethz.ch/lsg2.cgi -- Unsubscribe mailto:[EMAIL PROTECTED] Archive http://lists.ee.ethz.ch/mrtg FAQ http://faq.mrtg.org Homepage http://www.mrtg.org WebAdmin http://lists.ee.ethz.ch/lsg2.cgi
